2.7 - Mobile Device Security

Question 1

Screen locks

Answer 1

• Restrict access to the device
  – You’re going to leave it somewhere
• Facial recognition
  – Unlock with your face
• PIN
  – Choose a personal identification number
• Fingerprint
  – Built-in fingerprint reader
• Swipe
  – Choose a pattern
• Failed attempts
  – iOS: Erase everything after 10 failed attempts
  – Android: Lock the device and require a
  Google login or wipe the device

Question 2

Locator applications and remote wipe

Answer 2

• Built-in GPS
  – And location “helpers”
• Find your phone
  – On a map.
• Control from afar
  – Make a sound
  – Display a message
• Wipe everything
  – At least your data is safe

Question 3

Patching/OS updates

Answer 3

• All devices need updates - Even mobile devices
• Device patches - Security updates
• Operating system updates
  – New features, bug fixes
• Don’t get behind!
  – Avoid security problems

Question 4

Full device encryption

Answer 4

• Encrypt all device data
  – Phone keeps the key
• iOS 8 and later
  – Personal data is encrypted with your passcode
• Android
  – Version 5.0 and later is probably already encrypted

Question 5

Remote backup

Answer 5

• Difficult to backup something that’s always moving
  – Backup to the cloud
• Constant backup
  – No manual process
• Backup without wires
  – Use the existing network
• Restore with one click
  – Restores everything
  – Authenticate and wait

Question 6

Anti-virus and anti-malware

Answer 6

• Apple iOS
  – Closed environment, tightly regulated
  – Malware has to find a vulnerability
• Android
  – More open, apps can be installed from anywhere
  – Easier for malware to find its way in
• Apps run in a “sandbox”
  – You control what data an app can view
• Third-party virus and malware protection
  – Available from the usual providers

Question 7

Firewalls

Answer 7

• Mobile phones don’t include a firewall
  – Most activity initiates outbound, not inbound
• Some mobile firewall apps are available
  – Most for Android
  – None seem to be widely used
• Enterprise environments can control mobile apps
  – Firewalls can allow or disallow access

Question 8

Policies and procedures

Answer 8

• Manage company-owned and user-owned
  mobile devices
  – BYOD - Bring Your Own Device
• Centralized management of the mobile devices
  – Specialized functionality /
  Mobile Device Manager (MDM)
• Set policies on apps, data, camera, etc.
  – Control the remote device
  – The entire device or a “partition”
• Manage access control
  – Force screen locks and PINs on these single user devices

Question 9

IoT (Internet of Things)

Answer 9

• Sensors - Heating and cooling, lighting
• Smart devices - Home automation, video doorbells
• Wearable technology - Watches, health monitors
• Facility automation - Temperature, air quality, lighting
• Weak defaults
  – IoT manufacturers are not security professionals
  – Consider isolating IoT devices on their own network